Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Bad_actor_poc Alternatives
Similar projects and alternatives to bad_actor_poc
-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
-
code-it-later-rs
Filter crumbs you left in comments of code to remind where you were
-
macro_prototype
A very basic prototype of macros using build_runner
-
const-eval
home for proposals in and around compile-time function evaluation
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
security
Embargoed security issues that will be made public after a fix is made available. Use https://github.com/nim-lang/security/security (by nim-lang)
-
lazarus
Discontinued Lazarus - an IDE and GUI toolkit for use with Free Pascal. This is an unofficial mirror of the Lazarus SubVersion repository and is for convenience use only. It is synced every 15 minutes. For submitting patches or bug reports, go to http://bugs.freepascal.org (by graemeg)
-
-
-
-
bad_actor_poc reviews and mentions
-
Why is `const fn` different from other “const” things?
I'm not suggesting people in this thread are wrong, but working for a security company gives a slightly different perspective. For example, there's really nothing stopping a rogue crate from exporting your private keys, just by using VS code. I wasn't thinking about this when I helped write that proposal, though.
-
Did somebody play around with macros yet?
Hopefully they can make it impossible to delete files/folders or doing subtle stuff like this: https://github.com/lucky/bad_actor_poc (reading private keys via macros in rust and sending them to a remote server)
-
todo-or-die!
Having less tools that can do things like https://github.com/lucky/bad_actor_poc is a relief.
-
Workspace Trust in VS Code
Code execution that may not be so obvious could be the preLaunchTask that runs before starting the app and can run a build that has an extra task executing arbitrary code unrelated to the build. What about the npm module that steals your crypto wallet private keys? Make a simple edit and a malicious linter is loaded from the node_modules folder, instead of the one that is installed globally. Even reading the code can be deceptive, attackers can use Unicode hacks to hide malicious code in plain sight. Heck, you don't even have to open any source code to be owned.
- Visual Studio Code May 2021
-
Carnet: A Tool for Sandboxing Cargo and Buildscripts
https://github.com/lucky/bad_actor_poc is one example
-
Fixated on end-user security, FOSS developers neglect their own...
It turns out that because Rust can execute code at compile time, simply opening a Rust source file in an editor with code completion support can cause a virus to be installed on my computer. Apparently I can't trust anything but basic text editors anymore...
- Using Rust Macros to exfiltrate secrets
-
A note from our sponsor - InfluxDB
www.influxdata.com | 28 Mar 2024
Stats
lucky/bad_actor_poc is an open source project licensed under MIT License which is an OSI approved license.
The primary programming language of bad_actor_poc is Rust.